SCOM: Agent error Keyset does not exist

An issue to be aware of when you package your SCOM agent with your server build image is that when the server is built a certificate is generated for the agent to use, this certificate resides in the Operation Manager Certificate Store. If the server is then renamed due to it having a temporary build name you will see the below error in your Operations ManagerĀ event log.

Event: 7022
Source: HealthService

The Health Service has downloaded secure configuration for management group <MG Name>, and processing the configuration failed with error code Keyset does not exist(0x80090016).

Re-installing the agent will fix this issue but there is a simpler solution by Gerrie Louw, open your certificate MMC, navigate to the Operation Manager Store and delete the certificate, then restart your Healthservice.

The symptoms can occur with all versions of the SCOM / MMA agent underĀ the agent packaged with a server image scenario.

3 thoughts on “SCOM: Agent error Keyset does not exist

    1. Warren Kahn Post author

      Hi Mike,

      Will need to see if there’s a way to manipulate the certificates with a script, at the moment I’m not sure if one exists. I feel the easiest solution is not to image a server with the agent installed.

      Reply
  1. Bardia

    Thanks

    I removed the certificate and restarted the healthservice and it work instantly!
    I think I should remove this certificate on my server template.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.